tokers commented on a change in pull request #1824:
URL: https://github.com/apache/apisix-dashboard/pull/1824#discussion_r621746501
##########
File path: api/conf/conf.yaml
##########
@@ -15,12 +15,21 @@
# limitations under the License.
#
+# yamllint disable rule:comments-indentation
conf:
- listen: # yamllint disable rule:comments-indentation
+ listen:
# host: 127.0.0.1 # the address on which the `Manager API` should
listen.
# The default value is 0.0.0.0, if want to specify,
please enable it.
# This value accepts IPv4, IPv6, and hostname.
port: 9000 # The port on which the `Manager API` should listen.
+
+ # ssl:
+ # host: 127.0.0.1 # the address on which the `Manager API` should
listen for HTTPS.
+ # The default value is 0.0.0.0, if want to specify,
please enable it.
Review comment:
We may also support the mTLS.
##########
File path: api/cmd/managerapi.go
##########
@@ -124,6 +130,29 @@ func NewManagerAPICommand() *cobra.Command {
}
}()
+ // HTTPS
+ if conf.SSLCert != "" && conf.SSLKey != "" {
+ addrSSL := net.JoinHostPort(conf.ServerHost,
strconv.Itoa(conf.SSLPort))
+ serverSSL := &http.Server{
+ Addr: addrSSL,
+ Handler: r,
+ ReadTimeout: time.Duration(1000) *
time.Millisecond,
+ WriteTimeout: time.Duration(5000) *
time.Millisecond,
+ TLSConfig: &tls.Config{
+ // Causes servers to use Go's
default ciphersuite preferences,
+ // which are tuned to avoid
attacks. Does nothing on clients.
+ PreferServerCipherSuites: true,
+ },
+ }
+ go func() {
+ err :=
serverSSL.ListenAndServeTLS(conf.SSLCert, conf.SSLKey)
+ if err != nil && err !=
http.ErrServerClosed {
+ utils.CloseAll()
+ log.Fatalf("listen and serv
fail: %s", err)
Review comment:
```suggestion
log.Fatalf("listen and serve
fail: %s", err)
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
